diff --git a/pom.xml b/pom.xml
index ac7ffa046..2bbcf42c4 100644
--- a/pom.xml
+++ b/pom.xml
@@ -5,7 +5,7 @@
org.jenkins-ci.plugins
plugin
- 4.80
+ 4.81
@@ -30,6 +30,7 @@
jenkinsci/bitbucket-branch-source-plugin
2.401.3
2.0
+ true
diff --git a/src/main/java/com/cloudbees/jenkins/plugins/bitbucket/BitbucketApiUtils.java b/src/main/java/com/cloudbees/jenkins/plugins/bitbucket/BitbucketApiUtils.java
index f33cfca52..c9bb8eb66 100644
--- a/src/main/java/com/cloudbees/jenkins/plugins/bitbucket/BitbucketApiUtils.java
+++ b/src/main/java/com/cloudbees/jenkins/plugins/bitbucket/BitbucketApiUtils.java
@@ -35,7 +35,7 @@ public static ListBoxModel getFromBitbucket(SCMSourceOwner context,
if (repoOwner == null) {
return new ListBoxModel();
}
- if (context == null && !Jenkins.get().hasPermission(Jenkins.ADMINISTER) ||
+ if (context == null && !Jenkins.get().hasPermission(Jenkins.MANAGE) ||
context != null && !context.hasPermission(Item.EXTENDED_READ)) {
return new ListBoxModel(); // not supposed to be seeing this form
}
diff --git a/src/main/java/com/cloudbees/jenkins/plugins/bitbucket/SSHCheckoutTrait.java b/src/main/java/com/cloudbees/jenkins/plugins/bitbucket/SSHCheckoutTrait.java
index 4bcb620ab..626ba2b70 100644
--- a/src/main/java/com/cloudbees/jenkins/plugins/bitbucket/SSHCheckoutTrait.java
+++ b/src/main/java/com/cloudbees/jenkins/plugins/bitbucket/SSHCheckoutTrait.java
@@ -171,7 +171,7 @@ public ListBoxModel doFillCredentialsIdItems(@CheckForNull @AncestorInPath Item
@QueryParameter String serverUrl,
@QueryParameter String credentialsId) {
if (context == null
- ? !Jenkins.get().hasPermission(Jenkins.ADMINISTER)
+ ? !Jenkins.get().hasPermission(Jenkins.MANAGE)
: !context.hasPermission(Item.EXTENDED_READ)) {
return new StandardListBoxModel().includeCurrentValue(credentialsId);
}
@@ -202,7 +202,7 @@ public FormValidation doCheckCredentialsId(@CheckForNull @AncestorInPath Item co
@QueryParameter String serverUrl,
@QueryParameter String value) {
if (context == null
- ? !Jenkins.get().hasPermission(Jenkins.ADMINISTER)
+ ? !Jenkins.get().hasPermission(Jenkins.MANAGE)
: !context.hasPermission(Item.EXTENDED_READ)) {
return FormValidation.ok();
}
diff --git a/src/main/java/com/cloudbees/jenkins/plugins/bitbucket/endpoints/AbstractBitbucketEndpointDescriptor.java b/src/main/java/com/cloudbees/jenkins/plugins/bitbucket/endpoints/AbstractBitbucketEndpointDescriptor.java
index 951a69509..42abca4e7 100644
--- a/src/main/java/com/cloudbees/jenkins/plugins/bitbucket/endpoints/AbstractBitbucketEndpointDescriptor.java
+++ b/src/main/java/com/cloudbees/jenkins/plugins/bitbucket/endpoints/AbstractBitbucketEndpointDescriptor.java
@@ -56,7 +56,7 @@ public abstract class AbstractBitbucketEndpointDescriptor extends Descriptor getEndpoints() {
* @param endpoints the list of endpoints.
*/
public synchronized void setEndpoints(@CheckForNull List endpoints) {
- Jenkins.get().checkPermission(Jenkins.ADMINISTER);
+ Jenkins.get().checkPermission(Jenkins.MANAGE);
List eps = new ArrayList<>(Util.fixNull(endpoints));
// remove duplicates and empty urls
Set serverUrls = new HashSet<>();
diff --git a/src/test/java/com/cloudbees/jenkins/plugins/bitbucket/endpoints/BitbucketEndpointConfigurationTest.java b/src/test/java/com/cloudbees/jenkins/plugins/bitbucket/endpoints/BitbucketEndpointConfigurationTest.java
index 3f606543f..ed5a85e9b 100644
--- a/src/test/java/com/cloudbees/jenkins/plugins/bitbucket/endpoints/BitbucketEndpointConfigurationTest.java
+++ b/src/test/java/com/cloudbees/jenkins/plugins/bitbucket/endpoints/BitbucketEndpointConfigurationTest.java
@@ -32,6 +32,7 @@
import com.cloudbees.plugins.credentials.impl.UsernamePasswordCredentialsImpl;
import com.google.common.io.Resources;
import hudson.XmlFile;
+import hudson.model.User;
import hudson.security.ACL;
import hudson.security.ACLContext;
import hudson.security.AuthorizationStrategy;
@@ -49,7 +50,9 @@
import org.junit.Before;
import org.junit.ClassRule;
import org.junit.Test;
+import org.junit.jupiter.api.Assertions;
import org.jvnet.hudson.test.JenkinsRule;
+import org.jvnet.hudson.test.MockAuthorizationStrategy;
import static org.hamcrest.Matchers.contains;
import static org.hamcrest.Matchers.hasSize;
@@ -129,6 +132,29 @@ public void given__newInstance__when__configuredAsAnon__then__permissionError()
}
@Test
+ public void given__newInstance__when__configuredAsManage__then__OK() {
+ BitbucketEndpointConfiguration instance = new BitbucketEndpointConfiguration();
+ try {
+ j.jenkins.setSecurityRealm(j.createDummySecurityRealm());
+ MockAuthorizationStrategy mockStrategy = new MockAuthorizationStrategy();
+ mockStrategy.grant(Jenkins.MANAGE).onRoot().to("admin");
+ j.jenkins.setAuthorizationStrategy(mockStrategy);
+ try (ACLContext context = ACL.as(User.get("admin"))) {
+ instance.setEndpoints(Arrays.asList(
+ new BitbucketCloudEndpoint(true, "first"),
+ new BitbucketCloudEndpoint(true, "second"),
+ new BitbucketCloudEndpoint(true, "third")));
+ assertThat(instance.getEndpoints(), contains(instanceOf(BitbucketCloudEndpoint.class)));
+ assertThat(instance.getEndpoints().get(0).getCredentialsId(), is("first"));
+ } catch (RuntimeException x) {
+ Assertions.fail("No exception should be thrown");
+ }
+ } finally {
+ j.jenkins.setAuthorizationStrategy(AuthorizationStrategy.UNSECURED);
+ }
+ }
+
+ @Test
public void given__newInstance__when__configuredWithServerUsingCloudUrl__then__convertedToCloud() {
BitbucketEndpointConfiguration instance = new BitbucketEndpointConfiguration();
assumeThat(instance.getEndpoints().get(0).getCredentialsId(), not(is("dummy")));